NASA has 'significant problems' with $2.5B IT contract

By Frank Konkel

Feb 05, 2014

NASA has problems with a major IT program that are resulting in a botched technology refresh, a slew of security vulnerabilities and a host of other issues for the space agency. NASA and the contractor are pointing fingers at each other, but NASA Inspector General Paul Martin says there is plenty of blame to go around.

According to Martin, NASA and HP Enterprise Services have encountered significant problems implementing the $2.5 billion Agency Consolidated End-User Services (ACES) contract, which provides desktops, laptops, computer equipment and end-user services such as help desk and data backup. Those problems include "a failed effort to replace most NASA employees' computers within the first six months and low customer satisfaction," the report states.

The IG began its investigation in April 2013 in advance of the midway point between the contract's four-year base period to determine whether the contract was improving employee services, achieving cost savings or other efficiencies, and meeting mission requirements.

"Given that NASA is halfway through the base contract period, it must soon decide whether to exercise the first three-year option or end the contract after the base period and find another way to obtain these critical IT services," the report states. "In light of the criticality of the IT services provided under the ACES contract, NASA's decision on how to move forward will directly affect NASA's more than 17,000 employees and thousands of contractors."

The IG report states that NASA lacked the technical and cultural readiness for an agencywide IT delivery model and did not offer clear contract requirements, while HP failed to deliver on multiple promises.

The report is particularly critical of NASA's IT governance, which the IG and the Government Accountability Office have criticized before. In June 2013, a NASA IG audit found the agency CIO had direct control of only about 10 percent of all IT spending, largely because IT operations are decentralized across 10 centers nationwide. CIO Larry Sweet and other NASA officials vowed to transition to centralized IT authority, but the latest report notes that the "transition has been difficult and remains incomplete."

The ACES contract began in 2011 before any transition to centralized IT spending could have taken place. It sought to mesh an enterprisewide IT solution "across a decentralized and disparate IT environment led by a management culture largely resistant to such change," the report states.

The report further states that "poor implementation by HP on important aspects of the contract and inconsistent oversight by NASA" have contributed to the failings. Furthermore, NASA employees have a negative perception of "the ACES brand," largely due to HP's failure to replace computers across the agency as promised and both HP and NASA's inability "to maintain a complete and accurate inventory of IT equipment."

In the report, HP attributed technology refresh issues to the NASA CIO office's inefficient decision-making and inability to develop a functional ordering system for IT. NASA IT officials blamed HP for not doing its homework about challenges the company would face during implementation.

"HP is performing poorly under the contract even after taking into consideration the agency's failure to establish sound performance metrics," the report states, attributing the statement to top NASA IT officials.

ACES is one of four large contracts that make up NASA's IT Infrastructure Integration Program, which seeks to improve security, increase efficiencies and reduce complexity in IT management. According to the IG report, ACES appears to be behind the eight-ball on all counts.

"NASA is fast approaching a critical decision point when it must weigh the benefits of exercising the first three-year option period or ending the ACES contract and seeking alternatives to meet the agency's IT needs," the report concludes. "Regardless of its decision, NASA must ensure that its choice aligns with the agency's overall enterprise architecture and can be executed within the current and planned IT environment and within the expected budget."

NASA said in an emailed statement that it is "in the process of evaluating all of the factors required in making the determination whether or not to exercise the contract option. ... NASA has been actively engaged since the very start of the contract to identify, prioritize and address contract issues, including many of those identified in the OIG review. That work will continue regardless of the pending decision whether or not to exercise the contract option."

HP said in a statement that "we will continue working together to ensure the success of the project."

The Census Bureau hasn't established a time frame for its cloud computing plans, including testing for scalability, security, and privacy protection, as well as determining a budget for cloud services.

Reader comments

Fri, Feb 7, 2014

I'm sure NASA has a fair hand in this but HP blows when it comes to this. My company uses an HP service agreement. Something like 20% of the laptops deployed to new employees have to be replaced in the first week. For computers that last more than 3 months the contract is valid for repair, not replacement. I had an HP workstation that had all the hard drives replaced a dozen times (full reinstall each time because the backup solution can't handle replacing program, just data), a motherboard, and a power supply. EAch time I said, "Check the power supply." They never did until everything else but the case was new. Full interruption to my work each time. In the end my department coughed up another 5K and bought me a different model workstation.

Thu, Feb 6, 2014

Linda's Legacy. Thanks.

Thu, Feb 6, 2014

NASA IT and IT security have been a disaster zone for years. A unique confluence of funding, cultural, and mission attributes creates problems that will never be solved without a complete restructuring. Many NASA centers are individually funded by Congress and those centers control that funding. Each center has it's own IT and/or CIO functions. The central CIO function is weak and will never be effective until they fully control IT funding. Past efforts to assert control over enterprise-wide IT policy was met with resistance and mixed results when NASA O/CIO tried to take policy control away from the CIO functions at the centers and push NASA CIO personnel into the centers. Together, issues created by Congress' funding process and a weak central CIO with NASA's prevailing academic culture create a big mess. NASA operates as a scientific research and development organization, much like the universities and FFRDCs with whom they partner. Then add the mix extensive foreign partnerships and network connections to foreign universities. The cultural bias is to allow full and open data access and fight any security measures that would place controls on how scientists and technicians handle data and use "their" networks. The result is extensive cost-control issues, inefficiencies, and a swiss-cheese network that creates hacker paradise.

Thu, Feb 6, 2014
OccupyIT

Yet HP, like the other large system integrators, will still be considered more capable than mid or small firms. Some mythology never dies... Hey, let's bring in IBM to fix HPs mistakes.... sigh... Will HP loose access to the market or get kicked off any vehicles because of this? No.

Please post your comments here. Comments are moderated, so they may not appear immediately
after submitting. We will not post comments that we consider abusive or off-topic.